pacman/scripts/repo-add.sh.in

#!/bin/bash
#
#   repo-add - add a package to a given repo database file
#   repo-remove - remove a package entry from a given repo database file
#   @configure_input@
#
#   Copyright (c) 2006-2013 Pacman Development Team <pacman-dev@archlinux.org>
#
#   This program is free software; you can redistribute it and/or modify
#   it under the terms of the GNU General Public License as published by
#   the Free Software Foundation; either version 2 of the License, or
#   (at your option) any later version.
#
#   This program is distributed in the hope that it will be useful,
#   but WITHOUT ANY WARRANTY; without even the implied warranty of
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#   GNU General Public License for more details.
#
#   You should have received a copy of the GNU General Public License
#   along with this program.  If not, see <http://www.gnu.org/licenses/>.

shopt -s extglob

# gettext initialization
export TEXTDOMAIN='pacman-scripts'
export TEXTDOMAINDIR='@localedir@'

declare -r myver='@PACKAGE_VERSION@'
declare -r confdir='@sysconfdir@'

QUIET=0
DELTA=0
ONLYADDNEW=0
RMEXISTING=0
WITHFILES=0
SIGN=0
VERIFY=0
REPO_DB_FILE=
LOCKFILE=
CLEAN_LOCK=0
USE_COLOR='y'

# ensure we have a sane umask set
umask 0022

m4_include(library/output_format.sh)

# print usage instructions
usage() {
	cmd=${0##*/}
	printf -- "%s (pacman) %s\n\n" "$cmd" "$myver"
	if [[ $cmd == "repo-add" ]] ; then
		printf -- "$(gettext "Usage: repo-add [options] <path-to-db> <package|delta> ...\n")"
		printf -- "\n"
		printf -- "$(gettext "\
repo-add will update a package database by reading a package file.\n\
Multiple packages to add can be specified on the command line.\n")"
		printf -- "\n"
		printf -- "$(gettext "Options:\n")"
		printf -- "$(gettext "  -d, --delta       generate and add delta for package update\n")"
		printf -- "$(gettext "  -n, --new         only add packages that are not already in the database\n")"
		printf -- "$(gettext "  -R, --remove      remove package file from disk when updating database entry\n")"
		printf -- "$(gettext "  -f, --files       update database's file list\n")"
	elif [[ $cmd == "repo-remove" ]] ; then
		printf -- "$(gettext "Usage: repo-remove [options] <path-to-db> <packagename|delta> ...\n")"
		printf -- "\n"
		printf -- "$(gettext "\
repo-remove will update a package database by removing the package name\n\
specified on the command line from the given repo database. Multiple\n\
packages to remove can be specified on the command line.\n")"
		printf -- "\n"
		printf -- "$(gettext "Options:\n")"
	else
		printf -- "$(gettext "Please move along, there is nothing to see here.\n")"
		return
	fi
	printf -- "$(gettext "  --nocolor         turn off color in output\n")"
	printf -- "$(gettext "  -q, --quiet       minimize output\n")"
	printf -- "$(gettext "  -s, --sign        sign database with GnuPG after update\n")"
	printf -- "$(gettext "  -k, --key <key>   use the specified key to sign the database\n")"
	printf -- "$(gettext "  -v, --verify      verify database's signature before update\n")"
	printf -- "$(gettext "\n\
See %s(8) for more details and descriptions of the available options.\n")" $cmd
	printf "\n"
	if [[ $cmd == "repo-add" ]] ; then
		printf -- "$(gettext "Example:  repo-add /path/to/repo.db.tar.gz pacman-3.0.0-1-i686.pkg.tar.gz\n")"
	elif [[ $cmd == "repo-remove" ]] ; then
		printf -- "$(gettext "Example:  repo-remove /path/to/repo.db.tar.gz kernel26\n")"
	fi
}

version() {
	cmd=${0##*/}
	printf "%s (pacman) %s\n\n" "$cmd" "$myver"
	printf -- "$(gettext "\
Copyright (c) 2006-2013 Pacman Development Team <pacman-dev@archlinux.org>\n\n\
This is free software; see the source for copying conditions.\n\
There is NO WARRANTY, to the extent permitted by law.\n")"
}

# format a metadata entry
#		arg1 - Entry name
#		...  - value(s)
format_entry() {
	local field=$1; shift

	if [[ $1 ]]; then
		printf '%%%s%%\n' "$field"
		printf '%s\n' "$@"
		printf '\n'
	fi
}

find_pkgentry() {
	local pkgname=$1
	local pkgentry
	for pkgentry in "$tmpdir/tree/$pkgname"*; do
		name=${pkgentry##*/}
		if [[ ${name%-*-*} = $pkgname ]]; then
			echo $pkgentry
			return 0
		fi
	done
	return 1
}

# Get the package name from the delta filename
get_delta_pkgname() {
	local tmp

	tmp=${1##*/}
	echo ${tmp%-*-*_to*}
}

# write a delta entry
#   arg1 - path to delta file
db_write_delta() {
	deltafile=$1
	pkgname=$(get_delta_pkgname "$deltafile")

	pkgentry=$(find_pkgentry "$pkgname")
	if [[ -z $pkgentry ]]; then
		error "$(gettext "No database entry for package '%s'.")" "$pkgname"
		return 1
	fi
	deltas=$pkgentry/deltas
	if [[ ! -f $deltas ]]; then
		echo -e "%DELTAS%" >"$deltas"
	fi
	# get md5sum and compressed size of package
	md5sum=$(openssl dgst -md5 "$deltafile")
	md5sum=${md5sum##* }
	csize=$(@SIZECMD@ -L "$deltafile")

	oldfile=$(xdelta3 printhdr "$deltafile" | grep "XDELTA filename (source)" | sed 's/.*: *//')
	newfile=$(xdelta3 printhdr "$deltafile" | grep "XDELTA filename (output)" | sed 's/.*: *//')

	if grep -q "$oldfile.*$newfile" "$deltas"; then
		sed -i.backup "/$oldfile.*$newfile/d" "$deltas" && rm -f "$deltas.backup"
	fi
	msg2 "$(gettext "Adding 'deltas' entry : %s -> %s")" "$oldfile" "$newfile"
	echo "${deltafile##*/} $md5sum $csize $oldfile $newfile" >> "$deltas"

	return 0
} # end db_write_delta

# remove a delta entry
#   arg1 - path to delta file
db_remove_delta() {
	deltafile=$1
	filename=${deltafile##*/}
	pkgname=$(get_delta_pkgname "$deltafile")

	pkgentry=$(find_pkgentry "$pkgname")
	if [[ -z $pkgentry ]]; then
		return 1
	fi
	deltas=$pkgentry/deltas
	if [[ ! -f $deltas ]]; then
		return 1
	fi
	if grep -q "$filename" "$deltas"; then
		sed -i.backup "/$filename/d" "$deltas" && rm -f "$deltas.backup"
		msg2 "$(gettext "Removing existing entry '%s'...")" "$filename"
		# empty deltas file contains only "%DELTAS%"
		if (( $(wc -l < "$deltas") == 1 )); then
			msg2 "$(gettext "Removing empty deltas file ...")"
			rm "$deltas"
		fi
		return 0
	fi

	return 1
} # end db_remove_delta

check_gpg() {
	if ! type -p gpg >/dev/null; then
		error "$(gettext "Cannot find the gpg binary! Is GnuPG installed?")"
		exit 1 # $E_MISSING_PROGRAM
	fi
}

# sign the package database once repackaged
create_signature() {
	(( ! SIGN )) && return
	local dbfile=$1
	local ret=0
	msg "$(gettext "Signing database...")"

	local SIGNWITHKEY=""
	if [[ -n $GPGKEY ]]; then
		SIGNWITHKEY="-u ${GPGKEY}"
	fi
	gpg --detach-sign --use-agent ${SIGNWITHKEY} "$dbfile" &>/dev/null || ret=$?

	if (( ! ret )); then
		msg2 "$(gettext "Created signature file '%s'")" "${dbfile##*/.tmp.}.sig"
	else
		warning "$(gettext "Failed to sign package database.")"
	fi
}

# verify the existing package database signature
verify_signature() {
	(( ! VERIFY )) && return
	local dbfile=$1
	local ret=0
	msg "$(gettext "Verifying database signature...")"

	if [[ ! -f $dbfile.sig ]]; then
		warning "$(gettext "No existing signature found, skipping verification.")"
		return
	fi
	gpg --verify "$dbfile.sig" || ret=$?
	if (( ! ret )); then
		msg2 "$(gettext "Database signature file verified.")"
	else
		error "$(gettext "Database signature was NOT valid!")"
		exit 1
	fi
}

verify_repo_extension() {
	local repofile=$1

	case $repofile in
		*.@(db|files).tar.gz)  TAR_OPT="z" ;;
		*.@(db|files).tar.bz2) TAR_OPT="j" ;;
		*.@(db|files).tar.xz)  TAR_OPT="J" ;;
		*.@(db|files).tar.Z)   TAR_OPT="Z" ;;
		*.@(db|files).tar)     TAR_OPT="" ;;
		*) error "$(gettext "'%s' does not have a valid archive extension.")" \
				"$repofile"
			exit 1 ;;
	esac

	printf '%s' "$TAR_OPT"
}

# write an entry to the pacman database
#   arg1 - path to package
db_write_entry() {
	# blank out all variables
	local pkgfile=$1
	local -a _groups _licenses _replaces _depends _conflicts _provides \
		_optdepends _makedepends _checkdepends
	local pkgname pkgver pkgdesc csize size url arch builddate packager \
		md5sum sha256sum pgpsig pgpsigsize

	# read info from the zipped package
	local line var val
	while read -r line; do
		[[ ${line:0:1} = '#' ]] && continue
		IFS=' =' read -r var val < <(printf '%s\n' "$line")

		# normalize whitespace with an extglob
		declare "$var=${val//+([[:space:]])/ }"
		case $var in
			group) _groups+=("$group") ;;
			license) _licenses+=("$license") ;;
			replaces) _replaces+=("$replaces") ;;
			depend) _depends+=("$depend") ;;
			conflict) _conflicts+=("$conflict") ;;
			provides) _provides+=("$provides") ;;
			optdepend) _optdepends+=("$optdepend") ;;
			makedepend) _makedepends+=("$makedepend") ;;
			checkdepend) _checkdepends+=("$checkdepend") ;;
		esac
	done< <(bsdtar -xOqf "$pkgfile" .PKGINFO)

	# ensure $pkgname and $pkgver variables were found
	if [[ -z $pkgname || -z $pkgver ]]; then
		error "$(gettext "Invalid package file '%s'.")" "$pkgfile"
		return 1
	fi

	if [[ -d $tmpdir/tree/$pkgname-$pkgver ]]; then
		warning "$(gettext "An entry for '%s' already existed")" "$pkgname-$pkgver"
		if (( ONLYADDNEW )); then
			return 0;
		fi
	else
		if (( DELTA )); then
			pkgentry=$(find_pkgentry "$pkgname")
			if [[ -n $pkgentry ]]; then
				local oldfilename=$(grep -A1 FILENAME "$pkgentry/desc" | tail -n1)
				local oldfile="$(dirname "$1")/$oldfilename"
			fi
		elif (( RMEXISTING )); then
			# only remove existing package if we're not doing deltas
			pkgentry=$(find_pkgentry "$pkgname")
			if [[ -n $pkgentry ]]; then
				local oldfilename="$(sed -n '/^%FILENAME%$/ {n;p;q;}' "$pkgentry/desc")"
				local oldfile="$(dirname "$1")/$oldfilename"
				msg2 "$(gettext "Removing existing package '%s'")" "$oldfilename"
				rm -f ${oldfile} ${oldfile}.sig
			fi
		fi
	fi

	# compute base64'd PGP signature
	if [[ -f "$pkgfile.sig" ]]; then
		pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig")
		if (( pgpsigsize > 16384 )); then
			error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
			return 1
		fi
		msg2 "$(gettext "Adding package signature...")"
		pgpsig=$(openssl base64 -in "$pkgfile.sig" | tr -d '\n')
	fi

	csize=$(@SIZECMD@ -L "$pkgfile")

	# compute checksums
	msg2 "$(gettext "Computing checksums...")"
	md5sum=$(openssl dgst -md5 "$pkgfile")
	md5sum=${md5sum##* }
	sha256sum=$(openssl dgst -sha256 "$pkgfile")
	sha256sum=${sha256sum##* }

	# remove an existing entry if it exists, ignore failures
	db_remove_entry "$pkgname"

	# create package directory
	pushd "$tmpdir/tree" >/dev/null
	mkdir "$pkgname-$pkgver"
	pushd "$pkgname-$pkgver" >/dev/null

	# restore an eventual deltas file
	[[ -f ../$pkgname.deltas ]] && mv "../$pkgname.deltas" deltas

	# create desc entry
	msg2 "$(gettext "Creating '%s' db entry...")" 'desc'
	{
		format_entry "FILENAME"  "${1##*/}"
		format_entry "NAME"      "$pkgname"
		format_entry "BASE"      "$pkgbase"
		format_entry "VERSION"   "$pkgver"
		format_entry "DESC"      "$pkgdesc"
		format_entry "GROUPS"    "${_groups[@]}"
		format_entry "CSIZE"     "$csize"
		format_entry "ISIZE"     "$size"

		# add checksums
		format_entry "MD5SUM"    "$md5sum"
		format_entry "SHA256SUM" "$sha256sum"

		# add PGP sig
		format_entry "PGPSIG"    "$pgpsig"

		format_entry "URL"       "$url"
		format_entry "LICENSE"   "${_licenses[@]}"
		format_entry "ARCH"      "$arch"
		format_entry "BUILDDATE" "$builddate"
		format_entry "PACKAGER"  "$packager"
		format_entry "REPLACES"  "${_replaces[@]}"
	} >'desc'

	# create depends entry
	msg2 "$(gettext "Creating '%s' db entry...")" 'depends'
	{
		format_entry "DEPENDS" "${_depends[@]}"
		format_entry "CONFLICTS" "${_conflicts[@]}"
		format_entry "PROVIDES" "${_provides[@]}"
		format_entry "OPTDEPENDS" "${_optdepends[@]}"
		format_entry "MAKEDEPENDS" "${_makedepends[@]}"
		format_entry "CHECKDEPENDS" "${_checkdepends[@]}"
	} >'depends'

	popd >/dev/null
	popd >/dev/null

	# create files file if wanted
	if (( WITHFILES )); then
		msg2 "$(gettext "Creating '%s' db entry...")" 'files'
		local files_path="$tmpdir/tree/$pkgname-$pkgver/files"
		echo "%FILES%" >"$files_path"
		bsdtar --exclude='^.*' -tf "$pkgfile" >>"$files_path"
	fi

	# create a delta file
	if (( DELTA )); then
		if [[ -n $oldfilename ]]; then
			if [[ -f $oldfile ]]; then
				delta=$(pkgdelta -q "$oldfile" "$1")
				if [[ -f $delta ]]; then
					db_write_delta "$delta"
				fi
			else
				warning "$(gettext "Old package file not found: %s")" "$oldfilename"
			fi
		fi
	fi

	return 0
} # end db_write_entry

# remove existing entries from the DB
#   arg1 - package name
db_remove_entry() {
	local pkgname=$1
	local notfound=1
	local pkgentry=$(find_pkgentry "$pkgname")
	while [[ -n $pkgentry ]]; do
		notfound=0
		if [[ -f $pkgentry/deltas ]]; then
			mv "$pkgentry/deltas" "$tmpdir/tree/$pkgname.deltas"
		fi
		msg2 "$(gettext "Removing existing entry '%s'...")" \
		"${pkgentry##*/}"
		rm -rf "$pkgentry"
		pkgentry=$(find_pkgentry "$pkgname")
	done
	return $notfound
} # end db_remove_entry

elephant() {
	case $(( RANDOM % 2 )) in
		0) printf '%s\n' "H4sIAL3qBE4CAyWLwQ3AMAgD/0xh5UPzYiFUMgjq7LUJsk7yIQNAQTAikFUDnqkr" \
		                 "OQFOUm0Wd9pHCi13ONjBpVdqcWx+EdXVX4vXvGv5cgztB9+fJxZ7AAAA"
		;;

		1) printf '%s\n' "H4sIAJVWBU4CA21RMQ7DIBDbeYWrDgQJ7rZ+IA/IB05l69alcx5fc0ASVXUk4jOO" \
		                 "7yAAUWtorygwJ4hlMii0YkJKKRKGvsMsiykl1SalvrMD1gUXyXRkGZPx5OPft81K" \
		                 "tNAiAjyGjYO47h1JjizPkJrCWbK/4C+uLkT7bzpGc7CT9bmOzNSW5WLSO5vexjmH" \
		                 "ZL9JFFZeAa0a2+lKjL2anpYfV+0Zx9LJ+/MC8nRayuDlSNy2rfAPibOzsiWHL0jL" \
		                 "SsjFAQAA"
		;;
	esac | openssl base64 -d | gzip -d
}

check_repo_db() {
	local repodir

	# ensure the path to the DB exists; $LOCKFILE is always an absolute path
	repodir=${LOCKFILE%/*}/

	if [[ ! -d $repodir ]]; then
		error "$(gettext "%s does not exist or is not a directory.")" "$repodir"
		exit 1
	fi

	# check lock file
	if ( set -o noclobber; echo "$$" > "$LOCKFILE") 2> /dev/null; then
		CLEAN_LOCK=1
	else
		error "$(gettext "Failed to acquire lockfile: %s.")" "$LOCKFILE"
		[[ -f $LOCKFILE ]] && error "$(gettext "Held by process %s")" "$(cat "$LOCKFILE")"
		exit 1
	fi

	if [[ -f $REPO_DB_FILE ]]; then
		# there are two situations we can have here- a DB with some entries,
		# or a DB with no contents at all.
		if ! bsdtar -tqf "$REPO_DB_FILE" '*/desc' >/dev/null 2>&1; then
			# check empty case
			if [[ -n $(bsdtar -tqf "$REPO_DB_FILE" '*' 2>/dev/null) ]]; then
				error "$(gettext "Repository file '%s' is not a proper pacman database.")" "$REPO_DB_FILE"
				exit 1
			fi
		fi
		verify_signature "$REPO_DB_FILE"
		msg "$(gettext "Extracting database to a temporary location...")"
		bsdtar -xf "$REPO_DB_FILE" -C "$tmpdir/tree"
	else
		case $cmd in
			repo-remove)
			error "$(gettext "Repository file '%s' was not found.")" "$REPO_DB_FILE"
			exit 1
			;;
			repo-add)
			# check if the file can be created (write permission, directory existence, etc)
			if ! touch "$REPO_DB_FILE"; then
				error "$(gettext "Repository file '%s' could not be created.")" "$REPO_DB_FILE"
				exit 1
			fi
			rm -f "$REPO_DB_FILE"
			;;
		esac
	fi
}

add() {
	if [[ ! -f $1 ]]; then
		error "$(gettext "File '%s' not found.")" "$1"
		return 1
	fi

	if [[ ${1##*.} == "delta" ]]; then
		deltafile=$1
		msg "$(gettext "Adding delta '%s'")" "$deltafile"
		if ! type xdelta3 &>/dev/null; then
			error "$(gettext "Cannot find the xdelta3 binary! Is xdelta3 installed?")"
			exit 1
		fi
		if db_write_delta "$deltafile"; then
			return 0
		else
			return 1
		fi
	fi

	pkgfile=$1
	if ! bsdtar -tqf "$pkgfile" .PKGINFO >/dev/null 2>&1; then
		error "$(gettext "'%s' is not a package file, skipping")" "$pkgfile"
		return 1
	fi

	msg "$(gettext "Adding package '%s'")" "$pkgfile"

	db_write_entry "$pkgfile"
}

remove() {
	if [[ ${1##*.} == "delta" ]]; then
		deltafile=$1
		msg "$(gettext "Searching for delta '%s'...")" "$deltafile"
		if db_remove_delta "$deltafile"; then
			return 0
		else
			error "$(gettext "Delta matching '%s' not found.")" "$deltafile"
			return 1
		fi
	fi

	pkgname=$1
	msg "$(gettext "Searching for package '%s'...")" "$pkgname"

	if db_remove_entry "$pkgname"; then
		rm -f "$tmpdir/tree/$pkgname.deltas"
		return 0
	else
		error "$(gettext "Package matching '%s' not found.")" "$pkgname"
		return 1
	fi
}

trap_exit() {
	# unhook all traps to avoid race conditions
	trap '' EXIT TERM HUP QUIT INT ERR

	echo
	error "$@"
	clean_up 1
}

clean_up() {
	local exit_code=${1:-$?}

	# unhook all traps to avoid race conditions
	trap '' EXIT TERM HUP QUIT INT ERR

	[[ -d $tmpdir ]] && rm -rf "$tmpdir"
	(( CLEAN_LOCK )) && [[ -f $LOCKFILE ]] && rm -f "$LOCKFILE"

	exit $exit_code
}

# PROGRAM START

# determine whether we have gettext; make it a no-op if we do not
if ! type gettext &>/dev/null; then
	gettext() {
		echo "$@"
	}
fi

case $1 in
	-h|--help) usage; exit 0;;
	-V|--version) version; exit 0;;
esac

# figure out what program we are
cmd=${0##*/}
if [[ $cmd == "repo-elephant" ]]; then
	elephant
	exit 0
fi

if [[ $cmd != "repo-add" && $cmd != "repo-remove" ]]; then
	error "$(gettext "Invalid command name '%s' specified.")" "$cmd"
	exit 1
fi

tmpdir=$(mktemp -d "${TMPDIR:-/tmp}/repo-tools.XXXXXXXXXX") || (\
	error "$(gettext "Cannot create temp directory for database building.")"; \
	exit 1)
mkdir "$tmpdir/tree"

trap 'clean_up' EXIT
for signal in TERM HUP QUIT; do
	trap "trap_exit \"$(gettext "%s signal caught. Exiting...")\" \"$signal\"" "$signal"
done
trap 'trap_exit "$(gettext "Aborted by user! Exiting...")"' INT
trap 'trap_exit "$(gettext "An unknown error has occurred. Exiting...")"' ERR

declare -a args
success=0
# parse arguments
while (( $# )); do
	case $1 in
		-q|--quiet) QUIET=1;;
		-d|--delta) DELTA=1;;
		-n|--new) ONLYADDNEW=1;;
		-R|--remove) RMEXISTING=1;;
		-f|--files) WITHFILES=1;;
		--nocolor) USE_COLOR='n';;
		-s|--sign)
			check_gpg
			SIGN=1
			if ! gpg --list-key ${GPGKEY} &>/dev/null; then
				if [[ ! -z $GPGKEY ]]; then
					error "$(gettext "The key ${GPGKEY} does not exist in your keyring.")"
				else
					error "$(gettext "There is no key in your keyring.")"
				fi
				exit 1
			fi
			;;
		-k|--key)
			check_gpg
			shift
			GPGKEY=$1
			if ! gpg --list-key ${GPGKEY} &>/dev/null; then
				error "$(gettext "The key ${GPGKEY} does not exist in your keyring.")"
				exit 1
			fi
			;;
		-v|--verify)
			check_gpg
			VERIFY=1
			;;
		*)
			args+=("$1")
			;;
	esac
	shift
done

m4_include(library/term_colors.sh)

REPO_DB_FILE=${args[0]}
if [[ -z $REPO_DB_FILE ]]; then
	usage
	exit 1
fi

if [[ $REPO_DB_FILE == /* ]]; then
	LOCKFILE=$REPO_DB_FILE.lck
else
	LOCKFILE=$PWD/$REPO_DB_FILE.lck
fi

verify_repo_extension "$REPO_DB_FILE" >/dev/null
check_repo_db

for arg in "${args[@]:1}"; do
	case $cmd in
		repo-add) add "$arg" ;;
		repo-remove) remove "$arg" ;;
	esac && success=1
done

# if at least one operation was a success, re-zip database
if (( success )); then
	msg "$(gettext "Creating updated database file '%s'")" "$REPO_DB_FILE"

	TAR_OPT=$(verify_repo_extension "$REPO_DB_FILE")
	# $LOCKFILE is already guaranteed to be absolute so this is safe
	dirname=${LOCKFILE%/*}
	filename=${REPO_DB_FILE##*/}
	# this ensures we create it on the same filesystem, making moves atomic
	tempname=$dirname/.tmp.$filename

	pushd "$tmpdir/tree" >/dev/null
	if ( shopt -s nullglob; files=(*); (( ${#files[*]} )) ); then
		bsdtar -c${TAR_OPT}f "$tempname" *
	else
		# we have no packages remaining? zip up some emptyness
		warning "$(gettext "No packages remain, creating empty database.")"
		bsdtar -c${TAR_OPT}f "$tempname" -T /dev/null
	fi
	popd >/dev/null

	create_signature "$tempname"

	# hardlink or move the previous version of the database and signature to .old
	# extension as a backup measure
	if [[ -f $REPO_DB_FILE ]]; then
		ln -f "$REPO_DB_FILE" "$REPO_DB_FILE.old" 2>/dev/null || \
			mv -f "$REPO_DB_FILE" "$REPO_DB_FILE.old"
	fi
	if [[ -f $REPO_DB_FILE.sig ]]; then
		ln -f "$REPO_DB_FILE.sig" "$REPO_DB_FILE.old.sig" 2>/dev/null || \
			mv -f "$REPO_DB_FILE.sig" "$REPO_DB_FILE.old.sig"
	else
		rm -f "$REPO_DB_FILE.old.sig"
	fi

	# rotate the newly-created database and signature into place
	mv "$tempname" "$REPO_DB_FILE"
	if [[ -f $tempname.sig ]]; then
		mv "$tempname.sig" "$REPO_DB_FILE.sig"
	fi

	dblink=${REPO_DB_FILE%.tar*}
	rm -f "$dblink" "$dblink.sig"
	ln -s "$filename" "$dblink" 2>/dev/null || \
		ln "$filename" "$dblink" 2>/dev/null || \
		cp "$REPO_DB_FILE" "$dblink"
	if [[ -f "$REPO_DB_FILE.sig" ]]; then
		ln -s "$filename.sig" "$dblink.sig" 2>/dev/null || \
			ln "$filename.sig" "$dblink.sig" 2>/dev/null || \
			cp "$REPO_DB_FILE.sig" "$dblink.sig"
	fi
else
	msg "$(gettext "No packages modified, nothing to do.")"
	exit 1
fi

exit 0
# vim: set ts=2 sw=2 noet: